A popular Facebook game is amassing massive amounts of data on its users and their friends and could be selling it.
A viral Facebook app is collecting data on its users AND their friends and could be selling it, meaning your information might be for sale and you don’t even realize it.
The Independent reports that the app, called “Most Used Words” on Facebook has been shared millions of times, but “may be stealing the information of those who use it,” as well as their friends.
The app, like most others, lures people with an interesting offer and then requests access to your information before you can use it.
According to the Independent, [the app] “It pulls information from users’ statuses and finds the words that they have used most, assembling them into a picture [a word cloud] that shows the most common ones largest.”
Then when a user’s friends click on that post a window appears offering the viewer the option to grant the app access to their own profile so it can analyze what they have posted and create their own word cloud.
However, as The Independent notes: “when the app requests access to your Facebook profile, it also requires that people allow it to hoover up private information from a users’ accounts.” The app then “asks for permission to see everything a user has ever liked. It also gathers up information about the computer that is being used — including its IP address and what browser they are using, both of which can easily be used to steal further personal information.”
Here is a list of the items required to use the app:
- Name, profile picture, age, sex, birthday, and other public info
- Entire friend list
- Everything you’ve ever posted on your timeline
- All of your photos and photos you’re tagged in
- Education history
- Hometown and current city
- Everything you’ve ever liked
- IP address
- Info about the device you’re using including browser and language
Unfortunately for your friends, part of the information the app gathers will include data about them to include your entire friends list along with any photos or posts you are tagged in. That means the app could have information about people who have never used the app or given it consent to access their data.
For those unfamiliar with Comparitech, it is a “pro-consumer website” whose mission is “to help consumers make more savvy decisions when they subscribe to tech services such as VPNs, antivirus and online security products, cloud backup, broadband services and more.”
Comparitech first reported on issues surrounding privacy on Sunday, November 22, 2015 and three days later the app’s creator, Vonvon, sent them a message saying it does not sell data to third parties. However, as both The Independent and Comparitech explain – the terms of service for the app might tell a completely different story.
For instance, the app’s terms of service states that all the information it gathers will remain on their servers “after the termination of your membership to this WebSite and\or use of our services, for any reason whatsoever.” Additionally, that information may be stored on any of our servers, at any location – even in countries with limited or non-existent privacy laws.
We do not share your Personal Information with third parties unless We have received your permission to do so, or given you notice thereof. [emphasis added]
Worse yet, Vonvon states: